Peter B. West wrote:
That was quick. The source for org.jcp is not part of src.zip in the JDK
distribution. If I try to use the xmlsec-1.4.2.jar sources, things go wrong,
naturally. Where can I get the sources that were included in the JDK? I'm
used 1.6.0_07 and 1.6.0_10RC.
See: http://download.java.net/jdk6/
It might be easier to use Apache XMLSec 1.4.2 jars with JDK 6, as then
you can debug the sources as they exist at Apache and use this alias for
reporting any issues.
You can do this with the endorsed override mechanism of the JDK. What
you need to do is download the following jars:
1) Java XMLSec 1.4.2
http://xml.apache.org/security/dist/java-library/
2) Commons Logging:
http://commons.apache.org/downloads/download_logging.cgi
You need the commons logging library because the Apache implementation
uses that instead of the JDK logging mechanism.
Put these two jars in a lib directory, and then specify that lib
directory as the endorsed directory when running your application, for
example:
java -Djava.endorsed.dirs=lib ...
--Sean
Peter B. West wrote:
I've been trying to track down problems by tracing in NetBeans. I am using
the JSR-105 API for the signature components, so I assume that I am
getting these classes from rt.jar, as there is no services SPI in the
xmlsec-1.4.2.jar.
When I try to trace the calls using NetBeans, the trace skips straight
over the xmlsec classes, but happily traces into the other classes in the
JDK. The Call Stack shows the DOMXMLSignature.sign method call in Hidden
Source Calls, but knows the line number.
See http://www.nabble.com/file/p19752612/DOMSignContext.png
DOMSignContext.png
Do you guys have any idea why this might be the case.
Peter
